You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by neo21 zerro <ne...@yahoo.com> on 2010/06/09 22:52:05 UTC
HTTP Status 408!
Hello,
I'm using Tomcat 6.0.26 with java 1.5 JDK.
I've developed a JAAS login module for my application and when I try to login in my app a strange error occur's:
HTTP Status 408:The time allowed for the login process has been exceeded. If you wish to continue you must either click back twice and re-click the link you
requested or close and re-open your browser.
I've made a little research about the problem and everyone said that it goes away if you enable the cookies(made that and the error still occurs). Another thing is that the actual JAAS login module authenticate the user but when it should display the protected resource the error occurs.
So if anyone has some ideas please share!
Thank you very much!!!
Re: HTTP Status 408!
Posted by neo21 zerro <ne...@yahoo.com>.
Hello,
this is my login.html page:
<FORM ACTION="j_security_check" METHOD="POST">
<input id="username" type="text" size="20" name="j_username" AUTOCOMPLETE="OFF">
<input type="password" size="20" name="j_password" AUTOCOMPLETE="OFF">
<input type="submit" name="login" value="Login">
________________________________
From: Martin Gainty <mg...@hotmail.com>
To: Tomcat Users List <us...@tomcat.apache.org>
Sent: Thu, June 10, 2010 4:34:11 PM
Subject: RE: HTTP Status 408!
the form-login-page login.html *should* contain the j_security parameters for your login form e.g.:
<form method="POST" action="j_security_check">
<input type="text" name="j_username">
<input type="text" name="j_password">
<input type="submit" value="Log in">
</form>
is this the case?
Martin Gainty
______________________________________________
Verzicht und Vertraulichkeitanmerkung/Note de déni et de confidentialité
Diese Nachricht ist vertraulich. Sollten Sie nicht der vorgesehene Empfaenger sein, so bitten wir hoeflich um eine Mitteilung. Jede unbefugte Weiterleitung oder Fertigung einer Kopie ist unzulaessig. Diese Nachricht dient lediglich dem Austausch von Informationen und entfaltet keine rechtliche Bindungswirkung. Aufgrund der leichten Manipulierbarkeit von E-Mails koennen wir keine Haftung fuer den Inhalt uebernehmen.
Ce message est confidentiel et peut être privilégié. Si vous n'êtes pas le destinataire prévu, nous te demandons avec bonté que pour satisfaire informez l'expéditeur. N'importe quelle diffusion non autorisée ou la copie de ceci est interdite. Ce message sert à l'information seulement et n'aura pas n'importe quel effet légalement obligatoire. Étant donné que les email peuvent facilement être sujets à la manipulation, nous ne pouvons accepter aucune responsabilité pour le contenu fourni.
> Date: Thu, 10 Jun 2010 06:19:36 -0700
> From: neo21_zerro@yahoo.com
> Subject: Re: HTTP Status 408!
> To: users@tomcat.apache.org; pid@pidster.com
>
>
>
> Yes every time I want to login!
>
> <security-constraint>
> <web-resource-collection>
> <web-resource-name>User Application</web-resource-name>
> <url-pattern>/*</url-pattern>
> </web-resource-collection>
> <auth-constraint>
> <role-name>user</role-name>
> </auth-constraint>
> </security-constraint>
>
> <login-config>
> <auth-method>FORM</auth-method>
> <realm-name>user</realm-name>
> <form-login-config>
> <form-login-page>/forms/login.html</form-login-page>
> <form-error-page>/forms/error.html</form-error-page>
> </form-login-config>
> </login-config>
> <security-role>
> <description>User Role for authentication</description>
> <role-name>user</role-name>
> </security-role>
>
>
>
>
> ________________________________
> From: Pid <pi...@pidster.com>
> To: Tomcat Users List <us...@tomcat.apache.org>
> Sent: Thu, June 10, 2010 3:43:18 PM
> Subject: Re: HTTP Status 408!
>
> On 10/06/2010 12:06, neo21 zerro wrote:
> > Hello ,
> >
> >
> > Good news I found a way to get rid of the error with this code in my JASS:
> > session = req.getSession(true);
> >
> >
> > But now I get another strage error :
> >
> > HTTP Status 400 - Invalid direct reference to form login page
> > ________________________________
> >
> > type Status report
> > message Invalid direct reference to form login page
> > description The request sent by the client was syntactically incorrect (Invalid
> > direct reference to form login page).
>
> Does this occur every time you try to log in?
>
> Please post the login config from web.xml.
>
>
> p
>
>
>
>
> > ________________________________
> >
> >
> > The response header looks like this:
> >
> > Response Headersview source
> > Server Apache-Coyote/1.1
> > Content-Type text/html;charset=utf-8
> > Content-Length 1100
> > Date Thu, 10 Jun 2010 10:51:56
> > GMT
> > Connection close
> > Request Headersview source
> > Host localhost:8080
> > User-Agent Mozilla/5.0 (Windows; U;
> > Windows NT 5.2; en-US; rv:1.9.2.3) Gecko/20100401 Firefox/3.6.3
> > Accept text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
> > Accept-Language en-us,en;q=0.5
> > Accept-Encoding gzip,deflate
> > Accept-Charset ISO-8859-1,utf-8;q=0.7,*;q=0.7
> > Keep-Alive 115
> > Connection keep-alive
> > Cookie JSESSIONID=3AFB0FC0977ABA49563E858035F02617
> >
> >
> >
> >
> >
> >
> >
> > ________________________________
> > From: Pid <pi...@pidster.com>
> > To: Tomcat Users List <us...@tomcat.apache.org>
> > Sent: Thu, June 10, 2010 12:13:34 PM
> > Subject: Re: HTTP Status 408!
> >
> > On 09/06/2010 21:52, neo21 zerro wrote:
> >> Hello,
> >>
> >> I'm using Tomcat 6.0.26 with java 1.5 JDK.
> >>
> >>
> >> I've developed a JAAS login module for my application and when I try to login in my app a strange error occur's:
> >> HTTP Status 408:The time allowed for the login process has been exceeded. If you wish to continue you must either click back twice and re-click the link you
> >> requested or close and re-open your browser.
> >> I've made a little research about the problem and everyone said that it goes away if you enable the cookies(made that and the error still occurs). Another thing is that the actual JAAS login module authenticate the user but when it should display the protected resource the error occurs.
> >>
> >> So if anyone has some ideas please share!
> >
> > What have you configured the session time to be?
> >
> >
> > p
> >
> >
> >
>
>
>
_________________________________________________________________
Hotmail is redefining busy with tools for the New Busy. Get more from your inbox.
http://www.windowslive.com/campaign/thenewbusy?ocid=PID28326::T:WLMTAGL:ON:WL:en-US:WM_HMP:042010_2
RE: HTTP Status 408!
Posted by Martin Gainty <mg...@hotmail.com>.
the form-login-page login.html *should* contain the j_security parameters for your login form e.g.:
<form method="POST" action="j_security_check">
<input type="text" name="j_username">
<input type="text" name="j_password">
<input type="submit" value="Log in">
</form>
is this the case?
Martin Gainty
______________________________________________
Verzicht und Vertraulichkeitanmerkung/Note de déni et de confidentialité
Diese Nachricht ist vertraulich. Sollten Sie nicht der vorgesehene Empfaenger sein, so bitten wir hoeflich um eine Mitteilung. Jede unbefugte Weiterleitung oder Fertigung einer Kopie ist unzulaessig. Diese Nachricht dient lediglich dem Austausch von Informationen und entfaltet keine rechtliche Bindungswirkung. Aufgrund der leichten Manipulierbarkeit von E-Mails koennen wir keine Haftung fuer den Inhalt uebernehmen.
Ce message est confidentiel et peut être privilégié. Si vous n'êtes pas le destinataire prévu, nous te demandons avec bonté que pour satisfaire informez l'expéditeur. N'importe quelle diffusion non autorisée ou la copie de ceci est interdite. Ce message sert à l'information seulement et n'aura pas n'importe quel effet légalement obligatoire. Étant donné que les email peuvent facilement être sujets à la manipulation, nous ne pouvons accepter aucune responsabilité pour le contenu fourni.
> Date: Thu, 10 Jun 2010 06:19:36 -0700
> From: neo21_zerro@yahoo.com
> Subject: Re: HTTP Status 408!
> To: users@tomcat.apache.org; pid@pidster.com
>
>
>
> Yes every time I want to login!
>
> <security-constraint>
> <web-resource-collection>
> <web-resource-name>User Application</web-resource-name>
> <url-pattern>/*</url-pattern>
> </web-resource-collection>
> <auth-constraint>
> <role-name>user</role-name>
> </auth-constraint>
> </security-constraint>
>
> <login-config>
> <auth-method>FORM</auth-method>
> <realm-name>user</realm-name>
> <form-login-config>
> <form-login-page>/forms/login.html</form-login-page>
> <form-error-page>/forms/error.html</form-error-page>
> </form-login-config>
> </login-config>
> <security-role>
> <description>User Role for authentication</description>
> <role-name>user</role-name>
> </security-role>
>
>
>
>
> ________________________________
> From: Pid <pi...@pidster.com>
> To: Tomcat Users List <us...@tomcat.apache.org>
> Sent: Thu, June 10, 2010 3:43:18 PM
> Subject: Re: HTTP Status 408!
>
> On 10/06/2010 12:06, neo21 zerro wrote:
> > Hello ,
> >
> >
> > Good news I found a way to get rid of the error with this code in my JASS:
> > session = req.getSession(true);
> >
> >
> > But now I get another strage error :
> >
> > HTTP Status 400 - Invalid direct reference to form login page
> > ________________________________
> >
> > type Status report
> > message Invalid direct reference to form login page
> > description The request sent by the client was syntactically incorrect (Invalid
> > direct reference to form login page).
>
> Does this occur every time you try to log in?
>
> Please post the login config from web.xml.
>
>
> p
>
>
>
>
> > ________________________________
> >
> >
> > The response header looks like this:
> >
> > Response Headersview source
> > Server Apache-Coyote/1.1
> > Content-Type text/html;charset=utf-8
> > Content-Length 1100
> > Date Thu, 10 Jun 2010 10:51:56
> > GMT
> > Connection close
> > Request Headersview source
> > Host localhost:8080
> > User-Agent Mozilla/5.0 (Windows; U;
> > Windows NT 5.2; en-US; rv:1.9.2.3) Gecko/20100401 Firefox/3.6.3
> > Accept text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
> > Accept-Language en-us,en;q=0.5
> > Accept-Encoding gzip,deflate
> > Accept-Charset ISO-8859-1,utf-8;q=0.7,*;q=0.7
> > Keep-Alive 115
> > Connection keep-alive
> > Cookie JSESSIONID=3AFB0FC0977ABA49563E858035F02617
> >
> >
> >
> >
> >
> >
> >
> > ________________________________
> > From: Pid <pi...@pidster.com>
> > To: Tomcat Users List <us...@tomcat.apache.org>
> > Sent: Thu, June 10, 2010 12:13:34 PM
> > Subject: Re: HTTP Status 408!
> >
> > On 09/06/2010 21:52, neo21 zerro wrote:
> >> Hello,
> >>
> >> I'm using Tomcat 6.0.26 with java 1.5 JDK.
> >>
> >>
> >> I've developed a JAAS login module for my application and when I try to login in my app a strange error occur's:
> >> HTTP Status 408:The time allowed for the login process has been exceeded. If you wish to continue you must either click back twice and re-click the link you
> >> requested or close and re-open your browser.
> >> I've made a little research about the problem and everyone said that it goes away if you enable the cookies(made that and the error still occurs). Another thing is that the actual JAAS login module authenticate the user but when it should display the protected resource the error occurs.
> >>
> >> So if anyone has some ideas please share!
> >
> > What have you configured the session time to be?
> >
> >
> > p
> >
> >
> >
>
>
>
_________________________________________________________________
Hotmail is redefining busy with tools for the New Busy. Get more from your inbox.
http://www.windowslive.com/campaign/thenewbusy?ocid=PID28326::T:WLMTAGL:ON:WL:en-US:WM_HMP:042010_2
Re: HTTP Status 408!
Posted by Pid <pi...@pidster.com>.
On 10/06/2010 14:19, neo21 zerro wrote:
>
> Yes every time I want to login!
>
> <security-constraint>
> <web-resource-collection>
> <web-resource-name>User Application</web-resource-name>
> <url-pattern>/*</url-pattern>
> </web-resource-collection>
> <auth-constraint>
> <role-name>user</role-name>
> </auth-constraint>
> </security-constraint>
>
> <login-config>
> <auth-method>FORM</auth-method>
> <realm-name>user</realm-name>
> <form-login-config>
> <form-login-page>/forms/login.html</form-login-page>
> <form-error-page>/forms/error.html</form-error-page>
I usually place them in:
WEB-INF/login/form.jsp
WEB-INF/login/error.jsp
so they can't be requested directly.
Use a JSP so you can properly encode the j_security_check URL.
<%= response.encodeURL('j_security_check') %>
p
> </form-login-config>
> </login-config>
> <security-role>
> <description>User Role for authentication</description>
> <role-name>user</role-name>
> </security-role>
>
>
>
> ------------------------------------------------------------------------
> *From:* Pid <pi...@pidster.com>
> *To:* Tomcat Users List <us...@tomcat.apache.org>
> *Sent:* Thu, June 10, 2010 3:43:18 PM
> *Subject:* Re: HTTP Status 408!
>
> On 10/06/2010 12:06, neo21 zerro wrote:
>> Hello ,
>>
>>
>> Good news I found a way to get rid of the error with this code in my JASS:
>> session = req.getSession(true);
>>
>>
>> But now I get another strage error :
>>
>> HTTP Status 400 - Invalid direct reference to form login page
>> ________________________________
>>
>> type Status report
>> message Invalid direct reference to form login page
>> description The request sent by the client was syntactically incorrect
> (Invalid
>> direct reference to form login page).
>
> Does this occur every time you try to log in?
>
> Please post the login config from web.xml.
>
>
> p
>
>
>
>
>> ________________________________
>>
>>
>> The response header looks like this:
>>
>> Response Headersview source
>> Server Apache-Coyote/1.1
>> Content-Type text/html;charset=utf-8
>> Content-Length 1100
>> Date Thu, 10 Jun 2010 10:51:56
>> GMT
>> Connection close
>> Request Headersview source
>> Host localhost:8080
>> User-Agent Mozilla/5.0 (Windows; U;
>> Windows NT 5.2; en-US; rv:1.9.2.3) Gecko/20100401 Firefox/3.6.3
>> Accept text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
>> Accept-Language en-us,en;q=0.5
>> Accept-Encoding gzip,deflate
>> Accept-Charset ISO-8859-1,utf-8;q=0.7,*;q=0.7
>> Keep-Alive 115
>> Connection keep-alive
>> Cookie JSESSIONID=3AFB0FC0977ABA49563E858035F02617
>>
>>
>>
>>
>>
>>
>>
>> ________________________________
>> From: Pid <pid@pidster.com <ma...@pidster.com>>
>> To: Tomcat Users List <users@tomcat.apache.org
> <ma...@tomcat.apache.org>>
>> Sent: Thu, June 10, 2010 12:13:34 PM
>> Subject: Re: HTTP Status 408!
>>
>> On 09/06/2010 21:52, neo21 zerro wrote:
>>> Hello,
>>>
>>> I'm using Tomcat 6.0.26 with java 1.5 JDK.
>>>
>>>
>>> I've developed a JAAS login module for my application and when
> I try to login in my app a strange error occur's:
>>> HTTP Status 408:The time allowed for the login process has been
> exceeded. If you wish to continue you must either click back twice and
> re-click the link you
>>> requested or close and re-open your browser.
>>> I've made a little research about the problem and everyone said
> that it goes away if you enable the cookies(made that and the error
> still occurs). Another thing is that the actual JAAS login module
> authenticate the user but when it should display the protected resource
> the error occurs.
>>>
>>> So if anyone has some ideas please share!
>>
>> What have you configured the session time to be?
>>
>>
>> p
>>
>>
>>
>
>
>
Re: HTTP Status 408!
Posted by neo21 zerro <ne...@yahoo.com>.
Yes every time I want to login!
<security-constraint>
<web-resource-collection>
<web-resource-name>User Application</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>user</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>FORM</auth-method>
<realm-name>user</realm-name>
<form-login-config>
<form-login-page>/forms/login.html</form-login-page>
<form-error-page>/forms/error.html</form-error-page>
</form-login-config>
</login-config>
<security-role>
<description>User Role for authentication</description>
<role-name>user</role-name>
</security-role>
________________________________
From: Pid <pi...@pidster.com>
To: Tomcat Users List <us...@tomcat.apache.org>
Sent: Thu, June 10, 2010 3:43:18 PM
Subject: Re: HTTP Status 408!
On 10/06/2010 12:06, neo21 zerro wrote:
> Hello ,
>
>
> Good news I found a way to get rid of the error with this code in my JASS:
> session = req.getSession(true);
>
>
> But now I get another strage error :
>
> HTTP Status 400 - Invalid direct reference to form login page
> ________________________________
>
> type Status report
> message Invalid direct reference to form login page
> description The request sent by the client was syntactically incorrect (Invalid
> direct reference to form login page).
Does this occur every time you try to log in?
Please post the login config from web.xml.
p
> ________________________________
>
>
> The response header looks like this:
>
> Response Headersview source
> Server Apache-Coyote/1.1
> Content-Type text/html;charset=utf-8
> Content-Length 1100
> Date Thu, 10 Jun 2010 10:51:56
> GMT
> Connection close
> Request Headersview source
> Host localhost:8080
> User-Agent Mozilla/5.0 (Windows; U;
> Windows NT 5.2; en-US; rv:1.9.2.3) Gecko/20100401 Firefox/3.6.3
> Accept text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
> Accept-Language en-us,en;q=0.5
> Accept-Encoding gzip,deflate
> Accept-Charset ISO-8859-1,utf-8;q=0.7,*;q=0.7
> Keep-Alive 115
> Connection keep-alive
> Cookie JSESSIONID=3AFB0FC0977ABA49563E858035F02617
>
>
>
>
>
>
>
> ________________________________
> From: Pid <pi...@pidster.com>
> To: Tomcat Users List <us...@tomcat.apache.org>
> Sent: Thu, June 10, 2010 12:13:34 PM
> Subject: Re: HTTP Status 408!
>
> On 09/06/2010 21:52, neo21 zerro wrote:
>> Hello,
>>
>> I'm using Tomcat 6.0.26 with java 1.5 JDK.
>>
>>
>> I've developed a JAAS login module for my application and when I try to login in my app a strange error occur's:
>> HTTP Status 408:The time allowed for the login process has been exceeded. If you wish to continue you must either click back twice and re-click the link you
>> requested or close and re-open your browser.
>> I've made a little research about the problem and everyone said that it goes away if you enable the cookies(made that and the error still occurs). Another thing is that the actual JAAS login module authenticate the user but when it should display the protected resource the error occurs.
>>
>> So if anyone has some ideas please share!
>
> What have you configured the session time to be?
>
>
> p
>
>
>
Re: HTTP Status 408!
Posted by Pid <pi...@pidster.com>.
On 10/06/2010 12:06, neo21 zerro wrote:
> Hello ,
>
>
> Good news I found a way to get rid of the error with this code in my JASS:
> session = req.getSession(true);
>
>
> But now I get another strage error :
>
> HTTP Status 400 - Invalid direct reference to form login page
> ________________________________
>
> type Status report
> message Invalid direct reference to form login page
> description The request sent by the client was syntactically incorrect (Invalid
> direct reference to form login page).
Does this occur every time you try to log in?
Please post the login config from web.xml.
p
> ________________________________
>
>
> The response header looks like this:
>
> Response Headersview source
> Server Apache-Coyote/1.1
> Content-Type text/html;charset=utf-8
> Content-Length 1100
> Date Thu, 10 Jun 2010 10:51:56
> GMT
> Connection close
> Request Headersview source
> Host localhost:8080
> User-Agent Mozilla/5.0 (Windows; U;
> Windows NT 5.2; en-US; rv:1.9.2.3) Gecko/20100401 Firefox/3.6.3
> Accept text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
> Accept-Language en-us,en;q=0.5
> Accept-Encoding gzip,deflate
> Accept-Charset ISO-8859-1,utf-8;q=0.7,*;q=0.7
> Keep-Alive 115
> Connection keep-alive
> Cookie JSESSIONID=3AFB0FC0977ABA49563E858035F02617
>
>
>
>
>
>
>
> ________________________________
> From: Pid <pi...@pidster.com>
> To: Tomcat Users List <us...@tomcat.apache.org>
> Sent: Thu, June 10, 2010 12:13:34 PM
> Subject: Re: HTTP Status 408!
>
> On 09/06/2010 21:52, neo21 zerro wrote:
>> Hello,
>>
>> I'm using Tomcat 6.0.26 with java 1.5 JDK.
>>
>>
>> I've developed a JAAS login module for my application and when I try to login in my app a strange error occur's:
>> HTTP Status 408:The time allowed for the login process has been exceeded. If you wish to continue you must either click back twice and re-click the link you
>> requested or close and re-open your browser.
>> I've made a little research about the problem and everyone said that it goes away if you enable the cookies(made that and the error still occurs). Another thing is that the actual JAAS login module authenticate the user but when it should display the protected resource the error occurs.
>>
>> So if anyone has some ideas please share!
>
> What have you configured the session time to be?
>
>
> p
>
>
>
Re: HTTP Status 408!
Posted by neo21 zerro <ne...@yahoo.com>.
Hello ,
Good news I found a way to get rid of the error with this code in my JASS:
session = req.getSession(true);
But now I get another strage error :
HTTP Status 400 - Invalid direct reference to form login page
________________________________
type Status report
message Invalid direct reference to form login page
description The request sent by the client was syntactically incorrect (Invalid
direct reference to form login page).
________________________________
The response header looks like this:
Response Headersview source
Server Apache-Coyote/1.1
Content-Type text/html;charset=utf-8
Content-Length 1100
Date Thu, 10 Jun 2010 10:51:56
GMT
Connection close
Request Headersview source
Host localhost:8080
User-Agent Mozilla/5.0 (Windows; U;
Windows NT 5.2; en-US; rv:1.9.2.3) Gecko/20100401 Firefox/3.6.3
Accept text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language en-us,en;q=0.5
Accept-Encoding gzip,deflate
Accept-Charset ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive 115
Connection keep-alive
Cookie JSESSIONID=3AFB0FC0977ABA49563E858035F02617
________________________________
From: Pid <pi...@pidster.com>
To: Tomcat Users List <us...@tomcat.apache.org>
Sent: Thu, June 10, 2010 12:13:34 PM
Subject: Re: HTTP Status 408!
On 09/06/2010 21:52, neo21 zerro wrote:
> Hello,
>
> I'm using Tomcat 6.0.26 with java 1.5 JDK.
>
>
> I've developed a JAAS login module for my application and when I try to login in my app a strange error occur's:
> HTTP Status 408:The time allowed for the login process has been exceeded. If you wish to continue you must either click back twice and re-click the link you
> requested or close and re-open your browser.
> I've made a little research about the problem and everyone said that it goes away if you enable the cookies(made that and the error still occurs). Another thing is that the actual JAAS login module authenticate the user but when it should display the protected resource the error occurs.
>
> So if anyone has some ideas please share!
What have you configured the session time to be?
p
Re: HTTP Status 408!
Posted by neo21 zerro <ne...@yahoo.com>.
Hello Pid ,
Thanks for your time!
I put this in my web.xml :
<session-config>
<session-timeout>30</session-timeout> <!-- 30 minutes -->
</session-config>
________________________________
From: Pid <pi...@pidster.com>
To: Tomcat Users List <us...@tomcat.apache.org>
Sent: Thu, June 10, 2010 12:13:34 PM
Subject: Re: HTTP Status 408!
On 09/06/2010 21:52, neo21 zerro wrote:
> Hello,
>
> I'm using Tomcat 6.0.26 with java 1.5 JDK.
>
>
> I've developed a JAAS login module for my application and when I try to login in my app a strange error occur's:
> HTTP Status 408:The time allowed for the login process has been exceeded. If you wish to continue you must either click back twice and re-click the link you
> requested or close and re-open your browser.
> I've made a little research about the problem and everyone said that it goes away if you enable the cookies(made that and the error still occurs). Another thing is that the actual JAAS login module authenticate the user but when it should display the protected resource the error occurs.
>
> So if anyone has some ideas please share!
What have you configured the session time to be?
p
Re: HTTP Status 408!
Posted by Pid <pi...@pidster.com>.
On 09/06/2010 21:52, neo21 zerro wrote:
> Hello,
>
> I'm using Tomcat 6.0.26 with java 1.5 JDK.
>
>
> I've developed a JAAS login module for my application and when I try to login in my app a strange error occur's:
> HTTP Status 408:The time allowed for the login process has been exceeded. If you wish to continue you must either click back twice and re-click the link you
> requested or close and re-open your browser.
> I've made a little research about the problem and everyone said that it goes away if you enable the cookies(made that and the error still occurs). Another thing is that the actual JAAS login module authenticate the user but when it should display the protected resource the error occurs.
>
> So if anyone has some ideas please share!
What have you configured the session time to be?
p
Re: HTTP Status 408!
Posted by Konstantin Kolinko <kn...@gmail.com>.
2010/6/10 neo21 zerro <ne...@yahoo.com>:
> Are there other versions of Tomcat ? I mean newer versions, like 7 ?
>
There is "RC 4" build of Tomcat 7 available for testing. See a thread on dev@.
Best regards,
Konstantin Kolinko
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: HTTP Status 408!
Posted by neo21 zerro <ne...@yahoo.com>.
Thanks Pid for your time and answers. Clearly that is not an option for me...I'll wait for Tomcat 7 then :)
Thanks!
________________________________
From: Pid <pi...@pidster.com>
To: Tomcat Users List <us...@tomcat.apache.org>
Sent: Tue, June 22, 2010 3:41:02 PM
Subject: Re: HTTP Status 408!
On 22/06/2010 13:25, neo21 zerro wrote:
> Can you provide a hint on how to perform automatic login using BASIC
> authentication?
Did you look at the link I sent?
> Or can I somehow modify the class FormAuthenticator? and tell Tomcat to
> use my custom class....
FormAuthenticator is a Valve, it is automatically added to the Valve
pipeline for each Context it's used with. Look at the source for
FormAuthenticator.
You can manually define your own Authenticator implementation, in
META-INF/context.xml.
<?xml version="1.0" encoding="UTF-8"?>
<Context
...
reloadable="true">
<WatchedResource>WEB-INF/web.xml</WatchedResource>
<Valve className="my.package.MyAuthenticator" />
</Context>
N.B. Use your own Authenticator and you'll have to make sure every
Tomcat upgrade is thoroughly checked for changes to the related classes.
Tomcat 7.0 will have programmatic login as it implements Servlet 3.0, so
you might only need to do this is a temporary measure.
p
> ------------------------------------------------------------------------
> *From:* Pid <pi...@pidster.com>
> *To:* Tomcat Users List <us...@tomcat.apache.org>
> *Sent:* Mon, June 21, 2010 7:52:40 PM
> *Subject:* Re: HTTP Status 408!
>
> On 21/06/2010 17:36, neo21 zerro wrote:
>>
>>
>> Ok. Something like this ?
>>
>>
>>
>> URL protectedResource = new URL("http://localhost:8080/resource");
>> *URLConnection yc = *protectedResource*.openConnection();*
>> BufferedReader in = new BufferedReader(
>> new InputStreamReader(
>> *yc.getInputStream()*));
>> String inputLine;
>>
>> while ((inputLine = in.readLine()) != null)
>> //check if the response is the login page
>> in.close();
>>
>> if(The response is login page){
>>
>>
>> //make another request with to specific params for the
> authentication
>> }
>
> It's actually much easier to use BASIC auth if a machine is logging in.
> Look at: http://hc.apache.org/
>
>> My question is that in the second request I need to open a browser so
> is the session id of the
>> first request the same with the session id of the second request?
> because the FormAuthenticator need's
>> the session id of the first request to retrieve the protected resource?
>
> Yes, the session id will be required. If the URLs are encoded properly
> as per previous discussion, then the form action attribute will be
> re-encoded to incorporate the session id - you'll see how to submit to a
> modified URL if you examine the returned HTML for the login form.
>
>
> p
>
>> ------------------------------------------------------------------------
>> *From:* Pid <pid@pidster.com <ma...@pidster.com>>
>> *To:* Tomcat Users List <users@tomcat.apache.org
> <ma...@tomcat.apache.org>>
>> *Sent:* Mon, June 21, 2010 6:19:44 PM
>> *Subject:* Re: HTTP Status 408!
>>
>> On 21/06/2010 15:48, neo21 zerro wrote:
>>> Ok.I already have send params from my other application to my
>>> Tomcat application and everything goes well, I make this with the
>>> j_security_check on a post method, and I track down the path with the
>>> debug log. The problem is that in the
>>> org.apache.catalina.authenticator.FormAuthenticator in the authenticate
>>> method the user is getting authenticated but when the user should be
>>> redirected to the initial saved request, null is returned.
>>> So my problem is that I make */programmaticaly
>>>
>> <http://www.google.ro/search?hl=ro&ei=IXsfTMiCB46C_AaVtpm9DQ&sa=X&oi=spell&resnum=0&ct=result&cd=1&ved=0CCwQBSgA&q=programmaticaly&spell=1 http://www.google.ro/search?hl=ro&ei=IXsfTMiCB46C_AaVtpm9DQ&sa=X&oi=spell&resnum=0&ct=result&cd=1&ved=0CCwQBSgA&q=programmaticaly&spell=1>
>>
> <http://www.google.ro/search?hl=ro&ei=IXsfTMiCB46C_AaVtpm9DQ&sa=X&oi=spell&resnum=0&ct=result&cd=1&ved=0CCwQBSgA&q=programmaticaly&spell=1
> <http://www.google.ro/search?hl=ro&ei=IXsfTMiCB46C_AaVtpm9DQ&sa=X&oi=spell&resnum=0&ct=result&cd=1&ved=0CCwQBSgA&q=programmaticaly&spell=1>>>
>> /*just
>>> a request to my Tomcat web app authenticating the user per user params
>>> but I need somehow to tell the FormAuthenticator what the saved request
>>> should be. Any ideas?
>>
>> The process is:
>>
>> 1. make a request for a protected resource
>> 2. check the response is what you want,
>>
>> 3. if it's not, but contains a login form
>> 4. submit username & password against form url
>>
>>
>> FormAuthenticator creates the saved request at step 1.
>>
>>
>> p
>>
>>> Thanks!!!
>>>
>>> ------------------------------------------------------------------------
>>> *From:* Pid <pid@pidster.com <ma...@pidster.com>
> <mailto:pid@pidster.com <ma...@pidster.com>>>
>>> *To:* Tomcat Users List <users@tomcat.apache.org
> <ma...@tomcat.apache.org>
>> <mailto:users@tomcat.apache.org <ma...@tomcat.apache.org>>>
>>> *Sent:* Mon, June 21, 2010 5:30:00 PM
>>> *Subject:* Re: HTTP Status 408!
>>>
>>> On 21/06/2010 15:20, neo21 zerro wrote:
>>>> Hello,
>>>>
>>>> Problem finally solved :) Pid was right my encoding was not ok and a
>>> Cookie was not passed over with the poste of the login page :) I needed
>>> to explicity create a servlet and in that servler add to the response
>>> object the JSSESIONID as a Cookie :)
>>>>
>>>> I have another question can I login from another aplication
>>> programmicaly to my app that runs on Tomcat with custom JAAS login
> module?
>>>
>>> If the other app knows how to perform whatever custom JAAS login you've
>>> built, then I don't see why not.
>>>
>>>
>>> p
>>>
>>>> ________________________________
>>>> From: Martin Gainty <mgainty@hotmail.com
> <ma...@hotmail.com> <mailto:mgainty@hotmail.com
> <ma...@hotmail.com>>
>> <mailto:mgainty@hotmail.com <ma...@hotmail.com>
> <mailto:mgainty@hotmail.com <ma...@hotmail.com>>>>
>>>> To: Tomcat Users List <users@tomcat.apache.org
> <ma...@tomcat.apache.org>
>> <mailto:users@tomcat.apache.org <ma...@tomcat.apache.org>>
>>> <mailto:users@tomcat.apache.org <ma...@tomcat.apache.org>
> <mailto:users@tomcat.apache.org <ma...@tomcat.apache.org>>>>
>>>> Sent: Fri, June 11, 2010 11:16:09 PM
>>>> Subject: RE: HTTP Status 408!
>>>>
>>>>
>>>> can you post all of the code (including the html that houses the flex
>>> components), display the full stacktrace and display environmental
>>> variables from SET
>>>>
>>>> Martin
>>>> ______________________________________________
>>>> standard caveats apply
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>> Date: Fri, 11 Jun 2010 12:32:44 -0700
>>>>> From: neo21_zerro@yahoo.com <ma...@yahoo.com>
> <mailto:neo21_zerro@yahoo.com <ma...@yahoo.com>>
>> <mailto:neo21_zerro@yahoo.com <ma...@yahoo.com>
> <mailto:neo21_zerro@yahoo.com <ma...@yahoo.com>>>
>>>>> Subject: Re: HTTP Status 408!
>>>>> To: users@tomcat.apache.org <ma...@tomcat.apache.org>
> <mailto:users@tomcat.apache.org <ma...@tomcat.apache.org>>
>> <mailto:users@tomcat.apache.org <ma...@tomcat.apache.org>
> <mailto:users@tomcat.apache.org <ma...@tomcat.apache.org>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> I installed the Tomcat 7 RC but the problem persists.
>>>>> So it's definitely a bug from my app. After the logout is made the
>>> redirect is made from flex(navigateToUrl - function) do you think this
>>> could be an issue?
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> ________________________________
>>>>> From: Mark Thomas <markt@apache.org <ma...@apache.org>
> <mailto:markt@apache.org <ma...@apache.org>>
>> <mailto:markt@apache.org <ma...@apache.org>
> <mailto:markt@apache.org <ma...@apache.org>>>>
>>>>> To: Tomcat Users List <users@tomcat.apache.org
> <ma...@tomcat.apache.org>
>> <mailto:users@tomcat.apache.org <ma...@tomcat.apache.org>>
>>> <mailto:users@tomcat.apache.org <ma...@tomcat.apache.org>
> <mailto:users@tomcat.apache.org <ma...@tomcat.apache.org>>>>
>>>>> Sent: Thu, June 10, 2010 10:35:48 PM
>>>>> Subject: Re: HTTP Status 408!
>>>>>
>>>>> On 10/06/2010 15:39, neo21 zerro wrote:
>>>>>>
>>>>>> Yes I am requesting a protected resource but I don't know why is
>>> this happening.
>>>>>>
>>>>>>
>>>>>> I've tried to set all sort of cookies in my browser but nothing
>>> works.....The problem is that I'm not using jsp like Pid said
>>>>>> and I think I should try to use jsp...for my login page.
>>>>>> Are there other versions of Tomcat ? I mean newer versions, like 7 ?
>>>>>
>>>>> That assumes a) there is a bug in Tomcat and b) that it is fixed in a
>>>>> newer version of 6.0.26.
>>>>>
>>>>> I have yet to see any evidence in this thread that there is a bug in
>>> Tomcat.
>>>>>
>>>>> Mark
>>>>>
>>>>>
>>>>>
>>>>> ---------------------------------------------------------------------
>>>>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> <ma...@tomcat.apache.org>
>> <mailto:users-unsubscribe@tomcat.apache.org
> <ma...@tomcat.apache.org>>
>>> <mailto:users-unsubscribe@tomcat.apache.org
> <ma...@tomcat.apache.org>
>> <mailto:users-unsubscribe@tomcat.apache.org
> <ma...@tomcat.apache.org>>>
>>>>> For additional commands, e-mail: users-help@tomcat.apache.org
> <ma...@tomcat.apache.org>
>> <mailto:users-help@tomcat.apache.org
> <ma...@tomcat.apache.org>>
>>> <mailto:users-help@tomcat.apache.org
> <ma...@tomcat.apache.org>
>> <mailto:users-help@tomcat.apache.org
> <ma...@tomcat.apache.org>>>
>>>>>
>>>>>
>>>>>
>>>>
>>>> _________________________________________________________________
>>>> The New Busy think 9 to 5 is a cute idea. Combine multiple calendars
>>> with Hotmail.
>>>>
>> http://www.windowslive.com/campaign/thenewbusy?tile=multicalendar&ocid=PID28326::T:WLMTAGL:ON:WL:en-US:WM_HMP:042010_5 http://www.windowslive.com/campaign/thenewbusy?tile=multicalendar&ocid=PID28326::T:WLMTAGL:ON:WL:en-US:WM_HMP:042010_5>
>>
> <http://www.windowslive.com/campaign/thenewbusy?tile=multicalendar&ocid=PID28326::T:WLMTAGL:ON:WL:en-US:WM_HMP:042010_5
> <http://www.windowslive.com/campaign/thenewbusy?tile=multicalendar&ocid=PID28326::T:WLMTAGL:ON:WL:en-US:WM_HMP:042010_5>>
>>
> <http://www.windowslive.com/campaign/thenewbusy?tile=multicalendar&ocid=PID28326::T:WLMTAGL:ON:WL:en-US:WM_HMP:042010_5
> <http://www.windowslive.com/campaign/thenewbusy?tile=multicalendar&ocid=PID28326::T:WLMTAGL:ON:WL:en-US:WM_HMP:042010_5>
>>
> <http://www.windowslive.com/campaign/thenewbusy?tile=multicalendar&ocid=PID28326::T:WLMTAGL:ON:WL:en-US:WM_HMP:042010_5
> <http://www.windowslive.com/campaign/thenewbusy?tile=multicalendar&ocid=PID28326::T:WLMTAGL:ON:WL:en-US:WM_HMP:042010_5>>>
>>>>
>>>>
>>>>
>>>
>>>
>>>
>>
>>
>>
>
>
>
Re: HTTP Status 408!
Posted by Pid <pi...@pidster.com>.
On 22/06/2010 13:25, neo21 zerro wrote:
> Can you provide a hint on how to perform automatic login using BASIC
> authentication?
Did you look at the link I sent?
> Or can I somehow modify the class FormAuthenticator? and tell Tomcat to
> use my custom class....
FormAuthenticator is a Valve, it is automatically added to the Valve
pipeline for each Context it's used with. Look at the source for
FormAuthenticator.
You can manually define your own Authenticator implementation, in
META-INF/context.xml.
<?xml version="1.0" encoding="UTF-8"?>
<Context
...
reloadable="true">
<WatchedResource>WEB-INF/web.xml</WatchedResource>
<Valve className="my.package.MyAuthenticator" />
</Context>
N.B. Use your own Authenticator and you'll have to make sure every
Tomcat upgrade is thoroughly checked for changes to the related classes.
Tomcat 7.0 will have programmatic login as it implements Servlet 3.0, so
you might only need to do this is a temporary measure.
p
> ------------------------------------------------------------------------
> *From:* Pid <pi...@pidster.com>
> *To:* Tomcat Users List <us...@tomcat.apache.org>
> *Sent:* Mon, June 21, 2010 7:52:40 PM
> *Subject:* Re: HTTP Status 408!
>
> On 21/06/2010 17:36, neo21 zerro wrote:
>>
>>
>> Ok. Something like this ?
>>
>>
>>
>> URL protectedResource = new URL("http://localhost:8080/resource");
>> *URLConnection yc = *protectedResource*.openConnection();*
>> BufferedReader in = new BufferedReader(
>> new InputStreamReader(
>> *yc.getInputStream()*));
>> String inputLine;
>>
>> while ((inputLine = in.readLine()) != null)
>> //check if the response is the login page
>> in.close();
>>
>> if(The response is login page){
>>
>>
>> //make another request with to specific params for the
> authentication
>> }
>
> It's actually much easier to use BASIC auth if a machine is logging in.
> Look at: http://hc.apache.org/
>
>> My question is that in the second request I need to open a browser so
> is the session id of the
>> first request the same with the session id of the second request?
> because the FormAuthenticator need's
>> the session id of the first request to retrieve the protected resource?
>
> Yes, the session id will be required. If the URLs are encoded properly
> as per previous discussion, then the form action attribute will be
> re-encoded to incorporate the session id - you'll see how to submit to a
> modified URL if you examine the returned HTML for the login form.
>
>
> p
>
>> ------------------------------------------------------------------------
>> *From:* Pid <pid@pidster.com <ma...@pidster.com>>
>> *To:* Tomcat Users List <users@tomcat.apache.org
> <ma...@tomcat.apache.org>>
>> *Sent:* Mon, June 21, 2010 6:19:44 PM
>> *Subject:* Re: HTTP Status 408!
>>
>> On 21/06/2010 15:48, neo21 zerro wrote:
>>> Ok.I already have send params from my other application to my
>>> Tomcat application and everything goes well, I make this with the
>>> j_security_check on a post method, and I track down the path with the
>>> debug log. The problem is that in the
>>> org.apache.catalina.authenticator.FormAuthenticator in the authenticate
>>> method the user is getting authenticated but when the user should be
>>> redirected to the initial saved request, null is returned.
>>> So my problem is that I make */programmaticaly
>>>
>> <http://www.google.ro/search?hl=ro&ei=IXsfTMiCB46C_AaVtpm9DQ&sa=X&oi=spell&resnum=0&ct=result&cd=1&ved=0CCwQBSgA&q=programmaticaly&spell=1 <http://www.google.ro/search?hl=ro&ei=IXsfTMiCB46C_AaVtpm9DQ&sa=X&oi=spell&resnum=0&ct=result&cd=1&ved=0CCwQBSgA&q=programmaticaly&spell=1>
>>
> <http://www.google.ro/search?hl=ro&ei=IXsfTMiCB46C_AaVtpm9DQ&sa=X&oi=spell&resnum=0&ct=result&cd=1&ved=0CCwQBSgA&q=programmaticaly&spell=1
> <http://www.google.ro/search?hl=ro&ei=IXsfTMiCB46C_AaVtpm9DQ&sa=X&oi=spell&resnum=0&ct=result&cd=1&ved=0CCwQBSgA&q=programmaticaly&spell=1>>>
>> /*just
>>> a request to my Tomcat web app authenticating the user per user params
>>> but I need somehow to tell the FormAuthenticator what the saved request
>>> should be. Any ideas?
>>
>> The process is:
>>
>> 1. make a request for a protected resource
>> 2. check the response is what you want,
>>
>> 3. if it's not, but contains a login form
>> 4. submit username & password against form url
>>
>>
>> FormAuthenticator creates the saved request at step 1.
>>
>>
>> p
>>
>>> Thanks!!!
>>>
>>> ------------------------------------------------------------------------
>>> *From:* Pid <pid@pidster.com <ma...@pidster.com>
> <mailto:pid@pidster.com <ma...@pidster.com>>>
>>> *To:* Tomcat Users List <users@tomcat.apache.org
> <ma...@tomcat.apache.org>
>> <mailto:users@tomcat.apache.org <ma...@tomcat.apache.org>>>
>>> *Sent:* Mon, June 21, 2010 5:30:00 PM
>>> *Subject:* Re: HTTP Status 408!
>>>
>>> On 21/06/2010 15:20, neo21 zerro wrote:
>>>> Hello,
>>>>
>>>> Problem finally solved :) Pid was right my encoding was not ok and a
>>> Cookie was not passed over with the poste of the login page :) I needed
>>> to explicity create a servlet and in that servler add to the response
>>> object the JSSESIONID as a Cookie :)
>>>>
>>>> I have another question can I login from another aplication
>>> programmicaly to my app that runs on Tomcat with custom JAAS login
> module?
>>>
>>> If the other app knows how to perform whatever custom JAAS login you've
>>> built, then I don't see why not.
>>>
>>>
>>> p
>>>
>>>> ________________________________
>>>> From: Martin Gainty <mgainty@hotmail.com
> <ma...@hotmail.com> <mailto:mgainty@hotmail.com
> <ma...@hotmail.com>>
>> <mailto:mgainty@hotmail.com <ma...@hotmail.com>
> <mailto:mgainty@hotmail.com <ma...@hotmail.com>>>>
>>>> To: Tomcat Users List <users@tomcat.apache.org
> <ma...@tomcat.apache.org>
>> <mailto:users@tomcat.apache.org <ma...@tomcat.apache.org>>
>>> <mailto:users@tomcat.apache.org <ma...@tomcat.apache.org>
> <mailto:users@tomcat.apache.org <ma...@tomcat.apache.org>>>>
>>>> Sent: Fri, June 11, 2010 11:16:09 PM
>>>> Subject: RE: HTTP Status 408!
>>>>
>>>>
>>>> can you post all of the code (including the html that houses the flex
>>> components), display the full stacktrace and display environmental
>>> variables from SET
>>>>
>>>> Martin
>>>> ______________________________________________
>>>> standard caveats apply
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>> Date: Fri, 11 Jun 2010 12:32:44 -0700
>>>>> From: neo21_zerro@yahoo.com <ma...@yahoo.com>
> <mailto:neo21_zerro@yahoo.com <ma...@yahoo.com>>
>> <mailto:neo21_zerro@yahoo.com <ma...@yahoo.com>
> <mailto:neo21_zerro@yahoo.com <ma...@yahoo.com>>>
>>>>> Subject: Re: HTTP Status 408!
>>>>> To: users@tomcat.apache.org <ma...@tomcat.apache.org>
> <mailto:users@tomcat.apache.org <ma...@tomcat.apache.org>>
>> <mailto:users@tomcat.apache.org <ma...@tomcat.apache.org>
> <mailto:users@tomcat.apache.org <ma...@tomcat.apache.org>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> I installed the Tomcat 7 RC but the problem persists.
>>>>> So it's definitely a bug from my app. After the logout is made the
>>> redirect is made from flex(navigateToUrl - function) do you think this
>>> could be an issue?
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> ________________________________
>>>>> From: Mark Thomas <markt@apache.org <ma...@apache.org>
> <mailto:markt@apache.org <ma...@apache.org>>
>> <mailto:markt@apache.org <ma...@apache.org>
> <mailto:markt@apache.org <ma...@apache.org>>>>
>>>>> To: Tomcat Users List <users@tomcat.apache.org
> <ma...@tomcat.apache.org>
>> <mailto:users@tomcat.apache.org <ma...@tomcat.apache.org>>
>>> <mailto:users@tomcat.apache.org <ma...@tomcat.apache.org>
> <mailto:users@tomcat.apache.org <ma...@tomcat.apache.org>>>>
>>>>> Sent: Thu, June 10, 2010 10:35:48 PM
>>>>> Subject: Re: HTTP Status 408!
>>>>>
>>>>> On 10/06/2010 15:39, neo21 zerro wrote:
>>>>>>
>>>>>> Yes I am requesting a protected resource but I don't know why is
>>> this happening.
>>>>>>
>>>>>>
>>>>>> I've tried to set all sort of cookies in my browser but nothing
>>> works.....The problem is that I'm not using jsp like Pid said
>>>>>> and I think I should try to use jsp...for my login page.
>>>>>> Are there other versions of Tomcat ? I mean newer versions, like 7 ?
>>>>>
>>>>> That assumes a) there is a bug in Tomcat and b) that it is fixed in a
>>>>> newer version of 6.0.26.
>>>>>
>>>>> I have yet to see any evidence in this thread that there is a bug in
>>> Tomcat.
>>>>>
>>>>> Mark
>>>>>
>>>>>
>>>>>
>>>>> ---------------------------------------------------------------------
>>>>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> <ma...@tomcat.apache.org>
>> <mailto:users-unsubscribe@tomcat.apache.org
> <ma...@tomcat.apache.org>>
>>> <mailto:users-unsubscribe@tomcat.apache.org
> <ma...@tomcat.apache.org>
>> <mailto:users-unsubscribe@tomcat.apache.org
> <ma...@tomcat.apache.org>>>
>>>>> For additional commands, e-mail: users-help@tomcat.apache.org
> <ma...@tomcat.apache.org>
>> <mailto:users-help@tomcat.apache.org
> <ma...@tomcat.apache.org>>
>>> <mailto:users-help@tomcat.apache.org
> <ma...@tomcat.apache.org>
>> <mailto:users-help@tomcat.apache.org
> <ma...@tomcat.apache.org>>>
>>>>>
>>>>>
>>>>>
>>>>
>>>> _________________________________________________________________
>>>> The New Busy think 9 to 5 is a cute idea. Combine multiple calendars
>>> with Hotmail.
>>>>
>> http://www.windowslive.com/campaign/thenewbusy?tile=multicalendar&ocid=PID28326::T:WLMTAGL:ON:WL:en-US:WM_HMP:042010_5 <http://www.windowslive.com/campaign/thenewbusy?tile=multicalendar&ocid=PID28326::T:WLMTAGL:ON:WL:en-US:WM_HMP:042010_5>
>>
> <http://www.windowslive.com/campaign/thenewbusy?tile=multicalendar&ocid=PID28326::T:WLMTAGL:ON:WL:en-US:WM_HMP:042010_5
> <http://www.windowslive.com/campaign/thenewbusy?tile=multicalendar&ocid=PID28326::T:WLMTAGL:ON:WL:en-US:WM_HMP:042010_5>>
>>
> <http://www.windowslive.com/campaign/thenewbusy?tile=multicalendar&ocid=PID28326::T:WLMTAGL:ON:WL:en-US:WM_HMP:042010_5
> <http://www.windowslive.com/campaign/thenewbusy?tile=multicalendar&ocid=PID28326::T:WLMTAGL:ON:WL:en-US:WM_HMP:042010_5>
>>
> <http://www.windowslive.com/campaign/thenewbusy?tile=multicalendar&ocid=PID28326::T:WLMTAGL:ON:WL:en-US:WM_HMP:042010_5
> <http://www.windowslive.com/campaign/thenewbusy?tile=multicalendar&ocid=PID28326::T:WLMTAGL:ON:WL:en-US:WM_HMP:042010_5>>>
>>>>
>>>>
>>>>
>>>
>>>
>>>
>>
>>
>>
>
>
>
Re: HTTP Status 408!
Posted by neo21 zerro <ne...@yahoo.com>.
Can you provide a hint on how to perform automatic login using BASIC authentication?
Or can I somehow modify the class FormAuthenticator? and tell Tomcat to use my custom class....
Thanks!
________________________________
From: Pid <pi...@pidster.com>
To: Tomcat Users List <us...@tomcat.apache.org>
Sent: Mon, June 21, 2010 7:52:40 PM
Subject: Re: HTTP Status 408!
On 21/06/2010 17:36, neo21 zerro wrote:
>
>
> Ok. Something like this ?
>
>
>
> URL protectedResource = new URL("http://localhost:8080/resource");
> *URLConnection yc = *protectedResource*.openConnection();*
> BufferedReader in = new BufferedReader(
> new InputStreamReader(
> *yc.getInputStream()*));
> String inputLine;
>
> while ((inputLine = in.readLine()) != null)
> //check if the response is the login page
> in.close();
>
> if(The response is login page){
>
>
> //make another request with to specific params for the authentication
> }
It's actually much easier to use BASIC auth if a machine is logging in.
Look at: http://hc.apache.org/
> My question is that in the second request I need to open a browser so is the session id of the
> first request the same with the session id of the second request? because the FormAuthenticator need's
> the session id of the first request to retrieve the protected resource?
Yes, the session id will be required. If the URLs are encoded properly
as per previous discussion, then the form action attribute will be
re-encoded to incorporate the session id - you'll see how to submit to a
modified URL if you examine the returned HTML for the login form.
p
> ------------------------------------------------------------------------
> *From:* Pid <pi...@pidster.com>
> *To:* Tomcat Users List <us...@tomcat.apache.org>
> *Sent:* Mon, June 21, 2010 6:19:44 PM
> *Subject:* Re: HTTP Status 408!
>
> On 21/06/2010 15:48, neo21 zerro wrote:
>> Ok.I already have send params from my other application to my
>> Tomcat application and everything goes well, I make this with the
>> j_security_check on a post method, and I track down the path with the
>> debug log. The problem is that in the
>> org.apache.catalina.authenticator.FormAuthenticator in the authenticate
>> method the user is getting authenticated but when the user should be
>> redirected to the initial saved request, null is returned.
>> So my problem is that I make */programmaticaly
>>
> <http://www.google.ro/search?hl=ro&ei=IXsfTMiCB46C_AaVtpm9DQ&sa=X&oi=spell&resnum=0&ct=result&cd=1&ved=0CCwQBSgA&q=programmaticaly&spell=1
> <http://www.google.ro/search?hl=ro&ei=IXsfTMiCB46C_AaVtpm9DQ&sa=X&oi=spell&resnum=0&ct=result&cd=1&ved=0CCwQBSgA&q=programmaticaly&spell=1>>
> /*just
>> a request to my Tomcat web app authenticating the user per user params
>> but I need somehow to tell the FormAuthenticator what the saved request
>> should be. Any ideas?
>
> The process is:
>
> 1. make a request for a protected resource
> 2. check the response is what you want,
>
> 3. if it's not, but contains a login form
> 4. submit username & password against form url
>
>
> FormAuthenticator creates the saved request at step 1.
>
>
> p
>
>> Thanks!!!
>>
>> ------------------------------------------------------------------------
>> *From:* Pid <pid@pidster.com <ma...@pidster.com>>
>> *To:* Tomcat Users List <users@tomcat.apache.org
> <ma...@tomcat.apache.org>>
>> *Sent:* Mon, June 21, 2010 5:30:00 PM
>> *Subject:* Re: HTTP Status 408!
>>
>> On 21/06/2010 15:20, neo21 zerro wrote:
>>> Hello,
>>>
>>> Problem finally solved :) Pid was right my encoding was not ok and a
>> Cookie was not passed over with the poste of the login page :) I needed
>> to explicity create a servlet and in that servler add to the response
>> object the JSSESIONID as a Cookie :)
>>>
>>> I have another question can I login from another aplication
>> programmicaly to my app that runs on Tomcat with custom JAAS login module?
>>
>> If the other app knows how to perform whatever custom JAAS login you've
>> built, then I don't see why not.
>>
>>
>> p
>>
>>> ________________________________
>>> From: Martin Gainty <mgainty@hotmail.com <ma...@hotmail.com>
> <mailto:mgainty@hotmail.com <ma...@hotmail.com>>>
>>> To: Tomcat Users List <users@tomcat.apache.org
> <ma...@tomcat.apache.org>
>> <mailto:users@tomcat.apache.org <ma...@tomcat.apache.org>>>
>>> Sent: Fri, June 11, 2010 11:16:09 PM
>>> Subject: RE: HTTP Status 408!
>>>
>>>
>>> can you post all of the code (including the html that houses the flex
>> components), display the full stacktrace and display environmental
>> variables from SET
>>>
>>> Martin
>>> ______________________________________________
>>> standard caveats apply
>>>
>>>
>>>
>>>
>>>
>>>> Date: Fri, 11 Jun 2010 12:32:44 -0700
>>>> From: neo21_zerro@yahoo.com <ma...@yahoo.com>
> <mailto:neo21_zerro@yahoo.com <ma...@yahoo.com>>
>>>> Subject: Re: HTTP Status 408!
>>>> To: users@tomcat.apache.org <ma...@tomcat.apache.org>
> <mailto:users@tomcat.apache.org <ma...@tomcat.apache.org>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> I installed the Tomcat 7 RC but the problem persists.
>>>> So it's definitely a bug from my app. After the logout is made the
>> redirect is made from flex(navigateToUrl - function) do you think this
>> could be an issue?
>>>>
>>>>
>>>>
>>>>
>>>> ________________________________
>>>> From: Mark Thomas <markt@apache.org <ma...@apache.org>
> <mailto:markt@apache.org <ma...@apache.org>>>
>>>> To: Tomcat Users List <users@tomcat.apache.org
> <ma...@tomcat.apache.org>
>> <mailto:users@tomcat.apache.org <ma...@tomcat.apache.org>>>
>>>> Sent: Thu, June 10, 2010 10:35:48 PM
>>>> Subject: Re: HTTP Status 408!
>>>>
>>>> On 10/06/2010 15:39, neo21 zerro wrote:
>>>>>
>>>>> Yes I am requesting a protected resource but I don't know why is
>> this happening.
>>>>>
>>>>>
>>>>> I've tried to set all sort of cookies in my browser but nothing
>> works.....The problem is that I'm not using jsp like Pid said
>>>>> and I think I should try to use jsp...for my login page.
>>>>> Are there other versions of Tomcat ? I mean newer versions, like 7 ?
>>>>
>>>> That assumes a) there is a bug in Tomcat and b) that it is fixed in a
>>>> newer version of 6.0.26.
>>>>
>>>> I have yet to see any evidence in this thread that there is a bug in
>> Tomcat.
>>>>
>>>> Mark
>>>>
>>>>
>>>>
>>>> ---------------------------------------------------------------------
>>>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> <ma...@tomcat.apache.org>
>> <mailto:users-unsubscribe@tomcat.apache.org
> <ma...@tomcat.apache.org>>
>>>> For additional commands, e-mail: users-help@tomcat.apache.org
> <ma...@tomcat.apache.org>
>> <mailto:users-help@tomcat.apache.org
> <ma...@tomcat.apache.org>>
>>>>
>>>>
>>>>
>>>
>>> _________________________________________________________________
>>> The New Busy think 9 to 5 is a cute idea. Combine multiple calendars
>> with Hotmail.
>>>
> http://www.windowslive.com/campaign/thenewbusy?tile=multicalendar&ocid=PID28326::T:WLMTAGL:ON:WL:en-US:WM_HMP:042010_5
> <http://www.windowslive.com/campaign/thenewbusy?tile=multicalendar&ocid=PID28326::T:WLMTAGL:ON:WL:en-US:WM_HMP:042010_5>
> <http://www.windowslive.com/campaign/thenewbusy?tile=multicalendar&ocid=PID28326::T:WLMTAGL:ON:WL:en-US:WM_HMP:042010_5
> <http://www.windowslive.com/campaign/thenewbusy?tile=multicalendar&ocid=PID28326::T:WLMTAGL:ON:WL:en-US:WM_HMP:042010_5>>
>>>
>>>
>>>
>>
>>
>>
>
>
>
Re: HTTP Status 408!
Posted by Pid <pi...@pidster.com>.
On 21/06/2010 17:36, neo21 zerro wrote:
>
>
> Ok. Something like this ?
>
>
>
> URL protectedResource = new URL("http://localhost:8080/resource");
> *URLConnection yc = *protectedResource*.openConnection();*
> BufferedReader in = new BufferedReader(
> new InputStreamReader(
> *yc.getInputStream()*));
> String inputLine;
>
> while ((inputLine = in.readLine()) != null)
> //check if the response is the login page
> in.close();
>
> if(The response is login page){
>
>
> //make another request with to specific params for the authentication
> }
It's actually much easier to use BASIC auth if a machine is logging in.
Look at: http://hc.apache.org/
> My question is that in the second request I need to open a browser so is the session id of the
> first request the same with the session id of the second request? because the FormAuthenticator need's
> the session id of the first request to retrieve the protected resource?
Yes, the session id will be required. If the URLs are encoded properly
as per previous discussion, then the form action attribute will be
re-encoded to incorporate the session id - you'll see how to submit to a
modified URL if you examine the returned HTML for the login form.
p
> ------------------------------------------------------------------------
> *From:* Pid <pi...@pidster.com>
> *To:* Tomcat Users List <us...@tomcat.apache.org>
> *Sent:* Mon, June 21, 2010 6:19:44 PM
> *Subject:* Re: HTTP Status 408!
>
> On 21/06/2010 15:48, neo21 zerro wrote:
>> Ok.I already have send params from my other application to my
>> Tomcat application and everything goes well, I make this with the
>> j_security_check on a post method, and I track down the path with the
>> debug log. The problem is that in the
>> org.apache.catalina.authenticator.FormAuthenticator in the authenticate
>> method the user is getting authenticated but when the user should be
>> redirected to the initial saved request, null is returned.
>> So my problem is that I make */programmaticaly
>>
> <http://www.google.ro/search?hl=ro&ei=IXsfTMiCB46C_AaVtpm9DQ&sa=X&oi=spell&resnum=0&ct=result&cd=1&ved=0CCwQBSgA&q=programmaticaly&spell=1
> <http://www.google.ro/search?hl=ro&ei=IXsfTMiCB46C_AaVtpm9DQ&sa=X&oi=spell&resnum=0&ct=result&cd=1&ved=0CCwQBSgA&q=programmaticaly&spell=1>>
> /*just
>> a request to my Tomcat web app authenticating the user per user params
>> but I need somehow to tell the FormAuthenticator what the saved request
>> should be. Any ideas?
>
> The process is:
>
> 1. make a request for a protected resource
> 2. check the response is what you want,
>
> 3. if it's not, but contains a login form
> 4. submit username & password against form url
>
>
> FormAuthenticator creates the saved request at step 1.
>
>
> p
>
>> Thanks!!!
>>
>> ------------------------------------------------------------------------
>> *From:* Pid <pid@pidster.com <ma...@pidster.com>>
>> *To:* Tomcat Users List <users@tomcat.apache.org
> <ma...@tomcat.apache.org>>
>> *Sent:* Mon, June 21, 2010 5:30:00 PM
>> *Subject:* Re: HTTP Status 408!
>>
>> On 21/06/2010 15:20, neo21 zerro wrote:
>>> Hello,
>>>
>>> Problem finally solved :) Pid was right my encoding was not ok and a
>> Cookie was not passed over with the poste of the login page :) I needed
>> to explicity create a servlet and in that servler add to the response
>> object the JSSESIONID as a Cookie :)
>>>
>>> I have another question can I login from another aplication
>> programmicaly to my app that runs on Tomcat with custom JAAS login module?
>>
>> If the other app knows how to perform whatever custom JAAS login you've
>> built, then I don't see why not.
>>
>>
>> p
>>
>>> ________________________________
>>> From: Martin Gainty <mgainty@hotmail.com <ma...@hotmail.com>
> <mailto:mgainty@hotmail.com <ma...@hotmail.com>>>
>>> To: Tomcat Users List <users@tomcat.apache.org
> <ma...@tomcat.apache.org>
>> <mailto:users@tomcat.apache.org <ma...@tomcat.apache.org>>>
>>> Sent: Fri, June 11, 2010 11:16:09 PM
>>> Subject: RE: HTTP Status 408!
>>>
>>>
>>> can you post all of the code (including the html that houses the flex
>> components), display the full stacktrace and display environmental
>> variables from SET
>>>
>>> Martin
>>> ______________________________________________
>>> standard caveats apply
>>>
>>>
>>>
>>>
>>>
>>>> Date: Fri, 11 Jun 2010 12:32:44 -0700
>>>> From: neo21_zerro@yahoo.com <ma...@yahoo.com>
> <mailto:neo21_zerro@yahoo.com <ma...@yahoo.com>>
>>>> Subject: Re: HTTP Status 408!
>>>> To: users@tomcat.apache.org <ma...@tomcat.apache.org>
> <mailto:users@tomcat.apache.org <ma...@tomcat.apache.org>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> I installed the Tomcat 7 RC but the problem persists.
>>>> So it's definitely a bug from my app. After the logout is made the
>> redirect is made from flex(navigateToUrl - function) do you think this
>> could be an issue?
>>>>
>>>>
>>>>
>>>>
>>>> ________________________________
>>>> From: Mark Thomas <markt@apache.org <ma...@apache.org>
> <mailto:markt@apache.org <ma...@apache.org>>>
>>>> To: Tomcat Users List <users@tomcat.apache.org
> <ma...@tomcat.apache.org>
>> <mailto:users@tomcat.apache.org <ma...@tomcat.apache.org>>>
>>>> Sent: Thu, June 10, 2010 10:35:48 PM
>>>> Subject: Re: HTTP Status 408!
>>>>
>>>> On 10/06/2010 15:39, neo21 zerro wrote:
>>>>>
>>>>> Yes I am requesting a protected resource but I don't know why is
>> this happening.
>>>>>
>>>>>
>>>>> I've tried to set all sort of cookies in my browser but nothing
>> works.....The problem is that I'm not using jsp like Pid said
>>>>> and I think I should try to use jsp...for my login page.
>>>>> Are there other versions of Tomcat ? I mean newer versions, like 7 ?
>>>>
>>>> That assumes a) there is a bug in Tomcat and b) that it is fixed in a
>>>> newer version of 6.0.26.
>>>>
>>>> I have yet to see any evidence in this thread that there is a bug in
>> Tomcat.
>>>>
>>>> Mark
>>>>
>>>>
>>>>
>>>> ---------------------------------------------------------------------
>>>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> <ma...@tomcat.apache.org>
>> <mailto:users-unsubscribe@tomcat.apache.org
> <ma...@tomcat.apache.org>>
>>>> For additional commands, e-mail: users-help@tomcat.apache.org
> <ma...@tomcat.apache.org>
>> <mailto:users-help@tomcat.apache.org
> <ma...@tomcat.apache.org>>
>>>>
>>>>
>>>>
>>>
>>> _________________________________________________________________
>>> The New Busy think 9 to 5 is a cute idea. Combine multiple calendars
>> with Hotmail.
>>>
> http://www.windowslive.com/campaign/thenewbusy?tile=multicalendar&ocid=PID28326::T:WLMTAGL:ON:WL:en-US:WM_HMP:042010_5
> <http://www.windowslive.com/campaign/thenewbusy?tile=multicalendar&ocid=PID28326::T:WLMTAGL:ON:WL:en-US:WM_HMP:042010_5>
> <http://www.windowslive.com/campaign/thenewbusy?tile=multicalendar&ocid=PID28326::T:WLMTAGL:ON:WL:en-US:WM_HMP:042010_5
> <http://www.windowslive.com/campaign/thenewbusy?tile=multicalendar&ocid=PID28326::T:WLMTAGL:ON:WL:en-US:WM_HMP:042010_5>>
>>>
>>>
>>>
>>
>>
>>
>
>
>
Re: HTTP Status 408!
Posted by neo21 zerro <ne...@yahoo.com>.
Ok. Something like this ?
URL protectedResource = new URL("http://localhost:8080/resource");
URLConnection yc = protectedResource.openConnection();
BufferedReader in = new BufferedReader(
new InputStreamReader(
yc.getInputStream()));
String inputLine;
while ((inputLine = in.readLine()) != null)
//check if the response is the login page
in.close();
if(The response is login page){
//make another request with to specific params for the authentication
}
My question is that in the second request I need to open a browser so is the session id of the
first request the same with the session id of the second request? because the FormAuthenticator need's
the session id of the first request to retrieve the protected resource?
________________________________
From: Pid <pi...@pidster.com>
To: Tomcat Users List <us...@tomcat.apache.org>
Sent: Mon, June 21, 2010 6:19:44 PM
Subject: Re: HTTP Status 408!
On 21/06/2010 15:48, neo21 zerro wrote:
> Ok.I already have send params from my other application to my
> Tomcat application and everything goes well, I make this with the
> j_security_check on a post method, and I track down the path with the
> debug log. The problem is that in the
> org.apache.catalina.authenticator.FormAuthenticator in the authenticate
> method the user is getting authenticated but when the user should be
> redirected to the initial saved request, null is returned.
> So my problem is that I make */programmaticaly
> <http://www.google.ro/search?hl=ro&ei=IXsfTMiCB46C_AaVtpm9DQ&sa=X&oi=spell&resnum=0&ct=result&cd=1&ved=0CCwQBSgA&q=programmaticaly&spell=1> /*just
> a request to my Tomcat web app authenticating the user per user params
> but I need somehow to tell the FormAuthenticator what the saved request
> should be. Any ideas?
The process is:
1. make a request for a protected resource
2. check the response is what you want,
3. if it's not, but contains a login form
4. submit username & password against form url
FormAuthenticator creates the saved request at step 1.
p
> Thanks!!!
>
> ------------------------------------------------------------------------
> *From:* Pid <pi...@pidster.com>
> *To:* Tomcat Users List <us...@tomcat.apache.org>
> *Sent:* Mon, June 21, 2010 5:30:00 PM
> *Subject:* Re: HTTP Status 408!
>
> On 21/06/2010 15:20, neo21 zerro wrote:
>> Hello,
>>
>> Problem finally solved :) Pid was right my encoding was not ok and a
> Cookie was not passed over with the poste of the login page :) I needed
> to explicity create a servlet and in that servler add to the response
> object the JSSESIONID as a Cookie :)
>>
>> I have another question can I login from another aplication
> programmicaly to my app that runs on Tomcat with custom JAAS login module?
>
> If the other app knows how to perform whatever custom JAAS login you've
> built, then I don't see why not.
>
>
> p
>
>> ________________________________
>> From: Martin Gainty <mgainty@hotmail.com <ma...@hotmail.com>>
>> To: Tomcat Users List <users@tomcat.apache.org
> <ma...@tomcat.apache.org>>
>> Sent: Fri, June 11, 2010 11:16:09 PM
>> Subject: RE: HTTP Status 408!
>>
>>
>> can you post all of the code (including the html that houses the flex
> components), display the full stacktrace and display environmental
> variables from SET
>>
>> Martin
>> ______________________________________________
>> standard caveats apply
>>
>>
>>
>>
>>
>>> Date: Fri, 11 Jun 2010 12:32:44 -0700
>>> From: neo21_zerro@yahoo.com <ma...@yahoo.com>
>>> Subject: Re: HTTP Status 408!
>>> To: users@tomcat.apache.org <ma...@tomcat.apache.org>
>>>
>>>
>>>
>>>
>>>
>>> I installed the Tomcat 7 RC but the problem persists.
>>> So it's definitely a bug from my app. After the logout is made the
> redirect is made from flex(navigateToUrl - function) do you think this
> could be an issue?
>>>
>>>
>>>
>>>
>>> ________________________________
>>> From: Mark Thomas <markt@apache.org <ma...@apache.org>>
>>> To: Tomcat Users List <users@tomcat.apache.org
> <ma...@tomcat.apache.org>>
>>> Sent: Thu, June 10, 2010 10:35:48 PM
>>> Subject: Re: HTTP Status 408!
>>>
>>> On 10/06/2010 15:39, neo21 zerro wrote:
>>>>
>>>> Yes I am requesting a protected resource but I don't know why is
> this happening.
>>>>
>>>>
>>>> I've tried to set all sort of cookies in my browser but nothing
> works.....The problem is that I'm not using jsp like Pid said
>>>> and I think I should try to use jsp...for my login page.
>>>> Are there other versions of Tomcat ? I mean newer versions, like 7 ?
>>>
>>> That assumes a) there is a bug in Tomcat and b) that it is fixed in a
>>> newer version of 6.0.26.
>>>
>>> I have yet to see any evidence in this thread that there is a bug in
> Tomcat.
>>>
>>> Mark
>>>
>>>
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> <ma...@tomcat.apache.org>
>>> For additional commands, e-mail: users-help@tomcat.apache.org
> <ma...@tomcat.apache.org>
>>>
>>>
>>>
>>
>> _________________________________________________________________
>> The New Busy think 9 to 5 is a cute idea. Combine multiple calendars
> with Hotmail.
>> http://www.windowslive.com/campaign/thenewbusy?tile=multicalendar&ocid=PID28326::T:WLMTAGL:ON:WL:en-US:WM_HMP:042010_5 <http://www.windowslive.com/campaign/thenewbusy?tile=multicalendar&ocid=PID28326::T:WLMTAGL:ON:WL:en-US:WM_HMP:042010_5>
>>
>>
>>
>
>
>
Re: HTTP Status 408!
Posted by Pid <pi...@pidster.com>.
On 21/06/2010 15:48, neo21 zerro wrote:
> Ok.I already have send params from my other application to my
> Tomcat application and everything goes well, I make this with the
> j_security_check on a post method, and I track down the path with the
> debug log. The problem is that in the
> org.apache.catalina.authenticator.FormAuthenticator in the authenticate
> method the user is getting authenticated but when the user should be
> redirected to the initial saved request, null is returned.
> So my problem is that I make */programmaticaly
> <http://www.google.ro/search?hl=ro&ei=IXsfTMiCB46C_AaVtpm9DQ&sa=X&oi=spell&resnum=0&ct=result&cd=1&ved=0CCwQBSgA&q=programmaticaly&spell=1> /*just
> a request to my Tomcat web app authenticating the user per user params
> but I need somehow to tell the FormAuthenticator what the saved request
> should be. Any ideas?
The process is:
1. make a request for a protected resource
2. check the response is what you want,
3. if it's not, but contains a login form
4. submit username & password against form url
FormAuthenticator creates the saved request at step 1.
p
> Thanks!!!
>
> ------------------------------------------------------------------------
> *From:* Pid <pi...@pidster.com>
> *To:* Tomcat Users List <us...@tomcat.apache.org>
> *Sent:* Mon, June 21, 2010 5:30:00 PM
> *Subject:* Re: HTTP Status 408!
>
> On 21/06/2010 15:20, neo21 zerro wrote:
>> Hello,
>>
>> Problem finally solved :) Pid was right my encoding was not ok and a
> Cookie was not passed over with the poste of the login page :) I needed
> to explicity create a servlet and in that servler add to the response
> object the JSSESIONID as a Cookie :)
>>
>> I have another question can I login from another aplication
> programmicaly to my app that runs on Tomcat with custom JAAS login module?
>
> If the other app knows how to perform whatever custom JAAS login you've
> built, then I don't see why not.
>
>
> p
>
>> ________________________________
>> From: Martin Gainty <mgainty@hotmail.com <ma...@hotmail.com>>
>> To: Tomcat Users List <users@tomcat.apache.org
> <ma...@tomcat.apache.org>>
>> Sent: Fri, June 11, 2010 11:16:09 PM
>> Subject: RE: HTTP Status 408!
>>
>>
>> can you post all of the code (including the html that houses the flex
> components), display the full stacktrace and display environmental
> variables from SET
>>
>> Martin
>> ______________________________________________
>> standard caveats apply
>>
>>
>>
>>
>>
>>> Date: Fri, 11 Jun 2010 12:32:44 -0700
>>> From: neo21_zerro@yahoo.com <ma...@yahoo.com>
>>> Subject: Re: HTTP Status 408!
>>> To: users@tomcat.apache.org <ma...@tomcat.apache.org>
>>>
>>>
>>>
>>>
>>>
>>> I installed the Tomcat 7 RC but the problem persists.
>>> So it's definitely a bug from my app. After the logout is made the
> redirect is made from flex(navigateToUrl - function) do you think this
> could be an issue?
>>>
>>>
>>>
>>>
>>> ________________________________
>>> From: Mark Thomas <markt@apache.org <ma...@apache.org>>
>>> To: Tomcat Users List <users@tomcat.apache.org
> <ma...@tomcat.apache.org>>
>>> Sent: Thu, June 10, 2010 10:35:48 PM
>>> Subject: Re: HTTP Status 408!
>>>
>>> On 10/06/2010 15:39, neo21 zerro wrote:
>>>>
>>>> Yes I am requesting a protected resource but I don't know why is
> this happening.
>>>>
>>>>
>>>> I've tried to set all sort of cookies in my browser but nothing
> works.....The problem is that I'm not using jsp like Pid said
>>>> and I think I should try to use jsp...for my login page.
>>>> Are there other versions of Tomcat ? I mean newer versions, like 7 ?
>>>
>>> That assumes a) there is a bug in Tomcat and b) that it is fixed in a
>>> newer version of 6.0.26.
>>>
>>> I have yet to see any evidence in this thread that there is a bug in
> Tomcat.
>>>
>>> Mark
>>>
>>>
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> <ma...@tomcat.apache.org>
>>> For additional commands, e-mail: users-help@tomcat.apache.org
> <ma...@tomcat.apache.org>
>>>
>>>
>>>
>>
>> _________________________________________________________________
>> The New Busy think 9 to 5 is a cute idea. Combine multiple calendars
> with Hotmail.
>> http://www.windowslive.com/campaign/thenewbusy?tile=multicalendar&ocid=PID28326::T:WLMTAGL:ON:WL:en-US:WM_HMP:042010_5 <http://www.windowslive.com/campaign/thenewbusy?tile=multicalendar&ocid=PID28326::T:WLMTAGL:ON:WL:en-US:WM_HMP:042010_5>
>>
>>
>>
>
>
>
Re: HTTP Status 408!
Posted by neo21 zerro <ne...@yahoo.com>.
Ok.I already have send params from my other application to my Tomcat application and everything goes well, I make this with the j_security_check on a post method, and I track down the path with the debug log. The problem is that in the org.apache.catalina.authenticator.FormAuthenticator in the authenticate method the user is getting authenticated but when the user should be redirected to the initial saved request, null is returned.
So my problem is that I make programmaticaly just a request to my Tomcat web app authenticating the user per user params but I need somehow to tell the FormAuthenticator what the saved request should be. Any ideas?
Thanks!!!
________________________________
From: Pid <pi...@pidster.com>
To: Tomcat Users List <us...@tomcat.apache.org>
Sent: Mon, June 21, 2010 5:30:00 PM
Subject: Re: HTTP Status 408!
On 21/06/2010 15:20, neo21 zerro wrote:
> Hello,
>
> Problem finally solved :) Pid was right my encoding was not ok and a Cookie was not passed over with the poste of the login page :) I needed to explicity create a servlet and in that servler add to the response object the JSSESIONID as a Cookie :)
>
> I have another question can I login from another aplication programmicaly to my app that runs on Tomcat with custom JAAS login module?
If the other app knows how to perform whatever custom JAAS login you've
built, then I don't see why not.
p
> ________________________________
> From: Martin Gainty <mg...@hotmail.com>
> To: Tomcat Users List <us...@tomcat.apache.org>
> Sent: Fri, June 11, 2010 11:16:09 PM
> Subject: RE: HTTP Status 408!
>
>
> can you post all of the code (including the html that houses the flex components), display the full stacktrace and display environmental variables from SET
>
> Martin
> ______________________________________________
> standard caveats apply
>
>
>
>
>
>> Date: Fri, 11 Jun 2010 12:32:44 -0700
>> From: neo21_zerro@yahoo.com
>> Subject: Re: HTTP Status 408!
>> To: users@tomcat.apache.org
>>
>>
>>
>>
>>
>> I installed the Tomcat 7 RC but the problem persists.
>> So it's definitely a bug from my app. After the logout is made the redirect is made from flex(navigateToUrl - function) do you think this could be an issue?
>>
>>
>>
>>
>> ________________________________
>> From: Mark Thomas <ma...@apache.org>
>> To: Tomcat Users List <us...@tomcat.apache.org>
>> Sent: Thu, June 10, 2010 10:35:48 PM
>> Subject: Re: HTTP Status 408!
>>
>> On 10/06/2010 15:39, neo21 zerro wrote:
>>>
>>> Yes I am requesting a protected resource but I don't know why is this happening.
>>>
>>>
>>> I've tried to set all sort of cookies in my browser but nothing works.....The problem is that I'm not using jsp like Pid said
>>> and I think I should try to use jsp...for my login page.
>>> Are there other versions of Tomcat ? I mean newer versions, like 7 ?
>>
>> That assumes a) there is a bug in Tomcat and b) that it is fixed in a
>> newer version of 6.0.26.
>>
>> I have yet to see any evidence in this thread that there is a bug in Tomcat.
>>
>> Mark
>>
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>> For additional commands, e-mail: users-help@tomcat.apache.org
>>
>>
>>
>
> _________________________________________________________________
> The New Busy think 9 to 5 is a cute idea. Combine multiple calendars with Hotmail.
> http://www.windowslive.com/campaign/thenewbusy?tile=multicalendar&ocid=PID28326::T:WLMTAGL:ON:WL:en-US:WM_HMP:042010_5
>
>
>
Re: HTTP Status 408!
Posted by Pid <pi...@pidster.com>.
On 21/06/2010 15:20, neo21 zerro wrote:
> Hello,
>
> Problem finally solved :) Pid was right my encoding was not ok and a Cookie was not passed over with the poste of the login page :) I needed to explicity create a servlet and in that servler add to the response object the JSSESIONID as a Cookie :)
>
> I have another question can I login from another aplication programmicaly to my app that runs on Tomcat with custom JAAS login module?
If the other app knows how to perform whatever custom JAAS login you've
built, then I don't see why not.
p
> ________________________________
> From: Martin Gainty <mg...@hotmail.com>
> To: Tomcat Users List <us...@tomcat.apache.org>
> Sent: Fri, June 11, 2010 11:16:09 PM
> Subject: RE: HTTP Status 408!
>
>
> can you post all of the code (including the html that houses the flex components), display the full stacktrace and display environmental variables from SET
>
> Martin
> ______________________________________________
> standard caveats apply
>
>
>
>
>
>> Date: Fri, 11 Jun 2010 12:32:44 -0700
>> From: neo21_zerro@yahoo.com
>> Subject: Re: HTTP Status 408!
>> To: users@tomcat.apache.org
>>
>>
>>
>>
>>
>> I installed the Tomcat 7 RC but the problem persists.
>> So it's definitely a bug from my app. After the logout is made the redirect is made from flex(navigateToUrl - function) do you think this could be an issue?
>>
>>
>>
>>
>> ________________________________
>> From: Mark Thomas <ma...@apache.org>
>> To: Tomcat Users List <us...@tomcat.apache.org>
>> Sent: Thu, June 10, 2010 10:35:48 PM
>> Subject: Re: HTTP Status 408!
>>
>> On 10/06/2010 15:39, neo21 zerro wrote:
>>>
>>> Yes I am requesting a protected resource but I don't know why is this happening.
>>>
>>>
>>> I've tried to set all sort of cookies in my browser but nothing works.....The problem is that I'm not using jsp like Pid said
>>> and I think I should try to use jsp...for my login page.
>>> Are there other versions of Tomcat ? I mean newer versions, like 7 ?
>>
>> That assumes a) there is a bug in Tomcat and b) that it is fixed in a
>> newer version of 6.0.26.
>>
>> I have yet to see any evidence in this thread that there is a bug in Tomcat.
>>
>> Mark
>>
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>> For additional commands, e-mail: users-help@tomcat.apache.org
>>
>>
>>
>
> _________________________________________________________________
> The New Busy think 9 to 5 is a cute idea. Combine multiple calendars with Hotmail.
> http://www.windowslive.com/campaign/thenewbusy?tile=multicalendar&ocid=PID28326::T:WLMTAGL:ON:WL:en-US:WM_HMP:042010_5
>
>
>
Re: HTTP Status 408!
Posted by neo21 zerro <ne...@yahoo.com>.
Hello,
Problem finally solved :) Pid was right my encoding was not ok and a Cookie was not passed over with the poste of the login page :) I needed to explicity create a servlet and in that servler add to the response object the JSSESIONID as a Cookie :)
I have another question can I login from another aplication programmicaly to my app that runs on Tomcat with custom JAAS login module?
________________________________
From: Martin Gainty <mg...@hotmail.com>
To: Tomcat Users List <us...@tomcat.apache.org>
Sent: Fri, June 11, 2010 11:16:09 PM
Subject: RE: HTTP Status 408!
can you post all of the code (including the html that houses the flex components), display the full stacktrace and display environmental variables from SET
Martin
______________________________________________
standard caveats apply
> Date: Fri, 11 Jun 2010 12:32:44 -0700
> From: neo21_zerro@yahoo.com
> Subject: Re: HTTP Status 408!
> To: users@tomcat.apache.org
>
>
>
>
>
> I installed the Tomcat 7 RC but the problem persists.
> So it's definitely a bug from my app. After the logout is made the redirect is made from flex(navigateToUrl - function) do you think this could be an issue?
>
>
>
>
> ________________________________
> From: Mark Thomas <ma...@apache.org>
> To: Tomcat Users List <us...@tomcat.apache.org>
> Sent: Thu, June 10, 2010 10:35:48 PM
> Subject: Re: HTTP Status 408!
>
> On 10/06/2010 15:39, neo21 zerro wrote:
> >
> > Yes I am requesting a protected resource but I don't know why is this happening.
> >
> >
> > I've tried to set all sort of cookies in my browser but nothing works.....The problem is that I'm not using jsp like Pid said
> > and I think I should try to use jsp...for my login page.
> > Are there other versions of Tomcat ? I mean newer versions, like 7 ?
>
> That assumes a) there is a bug in Tomcat and b) that it is fixed in a
> newer version of 6.0.26.
>
> I have yet to see any evidence in this thread that there is a bug in Tomcat.
>
> Mark
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
>
_________________________________________________________________
The New Busy think 9 to 5 is a cute idea. Combine multiple calendars with Hotmail.
http://www.windowslive.com/campaign/thenewbusy?tile=multicalendar&ocid=PID28326::T:WLMTAGL:ON:WL:en-US:WM_HMP:042010_5
RE: HTTP Status 408!
Posted by Martin Gainty <mg...@hotmail.com>.
can you post all of the code (including the html that houses the flex components), display the full stacktrace and display environmental variables from SET
Martin
______________________________________________
standard caveats apply
> Date: Fri, 11 Jun 2010 12:32:44 -0700
> From: neo21_zerro@yahoo.com
> Subject: Re: HTTP Status 408!
> To: users@tomcat.apache.org
>
>
>
>
>
> I installed the Tomcat 7 RC but the problem persists.
> So it's definitely a bug from my app. After the logout is made the redirect is made from flex(navigateToUrl - function) do you think this could be an issue?
>
>
>
>
> ________________________________
> From: Mark Thomas <ma...@apache.org>
> To: Tomcat Users List <us...@tomcat.apache.org>
> Sent: Thu, June 10, 2010 10:35:48 PM
> Subject: Re: HTTP Status 408!
>
> On 10/06/2010 15:39, neo21 zerro wrote:
> >
> > Yes I am requesting a protected resource but I don't know why is this happening.
> >
> >
> > I've tried to set all sort of cookies in my browser but nothing works.....The problem is that I'm not using jsp like Pid said
> > and I think I should try to use jsp...for my login page.
> > Are there other versions of Tomcat ? I mean newer versions, like 7 ?
>
> That assumes a) there is a bug in Tomcat and b) that it is fixed in a
> newer version of 6.0.26.
>
> I have yet to see any evidence in this thread that there is a bug in Tomcat.
>
> Mark
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
>
_________________________________________________________________
The New Busy think 9 to 5 is a cute idea. Combine multiple calendars with Hotmail.
http://www.windowslive.com/campaign/thenewbusy?tile=multicalendar&ocid=PID28326::T:WLMTAGL:ON:WL:en-US:WM_HMP:042010_5
Re: HTTP Status 408!
Posted by neo21 zerro <ne...@yahoo.com>.
I installed the Tomcat 7 RC but the problem persists.
So it's definitely a bug from my app. After the logout is made the redirect is made from flex(navigateToUrl - function) do you think this could be an issue?
________________________________
From: Mark Thomas <ma...@apache.org>
To: Tomcat Users List <us...@tomcat.apache.org>
Sent: Thu, June 10, 2010 10:35:48 PM
Subject: Re: HTTP Status 408!
On 10/06/2010 15:39, neo21 zerro wrote:
>
> Yes I am requesting a protected resource but I don't know why is this happening.
>
>
> I've tried to set all sort of cookies in my browser but nothing works.....The problem is that I'm not using jsp like Pid said
> and I think I should try to use jsp...for my login page.
> Are there other versions of Tomcat ? I mean newer versions, like 7 ?
That assumes a) there is a bug in Tomcat and b) that it is fixed in a
newer version of 6.0.26.
I have yet to see any evidence in this thread that there is a bug in Tomcat.
Mark
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: HTTP Status 408!
Posted by Mark Thomas <ma...@apache.org>.
On 10/06/2010 15:39, neo21 zerro wrote:
>
> Yes I am requesting a protected resource but I don't know why is this happening.
>
>
> I've tried to set all sort of cookies in my browser but nothing works.....The problem is that I'm not using jsp like Pid said
> and I think I should try to use jsp...for my login page.
> Are there other versions of Tomcat ? I mean newer versions, like 7 ?
That assumes a) there is a bug in Tomcat and b) that it is fixed in a
newer version of 6.0.26.
I have yet to see any evidence in this thread that there is a bug in Tomcat.
Mark
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: HTTP Status 408!
Posted by neo21 zerro <ne...@yahoo.com>.
Yes I am requesting a protected resource but I don't know why is this happening.
I've tried to set all sort of cookies in my browser but nothing works.....The problem is that I'm not using jsp like Pid said
and I think I should try to use jsp...for my login page.
Are there other versions of Tomcat ? I mean newer versions, like 7 ?
Thanks for your time!
________________________________
From: Christopher Schultz <ch...@christopherschultz.net>
To: Tomcat Users List <us...@tomcat.apache.org>
Sent: Thu, June 10, 2010 4:46:16 PM
Subject: Re: HTTP Status 408!
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Neo21,
On 6/9/2010 4:52 PM, neo21 zerro wrote:
> I'm using Tomcat 6.0.26 with java 1.5 JDK.
>
> I've developed a JAAS login module for my application and when I try
> to login in my app a strange error occur's: HTTP Status 408:The time
> allowed for the login process has been exceeded. If you wish to
> continue you must either click back twice and re-click the link you
> requested or close and re-open your browser.
Are you trying to login without having first requested a protected page?
The behavior you describe is how Tomcat acts if it's not expecting a
login, but gets one anyway.
- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAkwQ7KgACgkQ9CaO5/Lv0PCQIACcDLKAA/VzAlElHHTknzz8XjCW
XUcAoLnJOKG/tNhcGf0O2FOIvSrDH9Ss
=fnzD
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: HTTP Status 408!
Posted by Christopher Schultz <ch...@christopherschultz.net>.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Neo21,
On 6/9/2010 4:52 PM, neo21 zerro wrote:
> I'm using Tomcat 6.0.26 with java 1.5 JDK.
>
> I've developed a JAAS login module for my application and when I try
> to login in my app a strange error occur's: HTTP Status 408:The time
> allowed for the login process has been exceeded. If you wish to
> continue you must either click back twice and re-click the link you
> requested or close and re-open your browser.
Are you trying to login without having first requested a protected page?
The behavior you describe is how Tomcat acts if it's not expecting a
login, but gets one anyway.
- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAkwQ7KgACgkQ9CaO5/Lv0PCQIACcDLKAA/VzAlElHHTknzz8XjCW
XUcAoLnJOKG/tNhcGf0O2FOIvSrDH9Ss
=fnzD
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org